package com.qiqidream.admin.security.url;

import com.alibaba.fastjson.JSON;
import com.qiqidream.admin.common.response.ResponseCode;
import com.qiqidream.admin.common.response.ResponseResult;
import com.qiqidream.admin.common.utils.ResponseUtil;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 认证url权限 - 登录后访问接口无权限
 * @author QiQiDream
 * @since 2019/11/18 9:52
 */
@Component
public class UrlAccessDeniedHandler implements AccessDeniedHandler {
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e){

        //登录过后的权限处理 【注：要和未登录时的权限处理区分开】
        ResponseResult result = ResponseResult.failed(ResponseCode.FORBIDDEN,"无权访问");
        ResponseUtil.out(response, JSON.toJSONString(result));
    }
}
